76964816c83d3e4e8a6a393777b30f22a6f9cd51 - kernel/msm-4.9

commit	76964816c83d3e4e8a6a393777b30f22a6f9cd51	[log] [tgz]
author	Theodore Ts'o <tytso@mit.edu>	Mon Mar 26 23:54:10 2018 -0400
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	Tue May 01 15:13:03 2018 -0700
tree	499224215d42896e7a44cac274c04f8abfc19d52
parent	2e54d7c12c34edba7f4c796697e8fd0b4a0cb118 [diff]

ext4: add validity checks for bitmap block numbers

commit 7dac4a1726a9c64a517d595c40e95e2d0d135f6f upstream.

An privileged attacker can cause a crash by mounting a crafted ext4
image which triggers a out-of-bounds read in the function
ext4_valid_block_bitmap() in fs/ext4/balloc.c.

This issue has been assigned CVE-2018-1093.

BugLink: https://bugzilla.kernel.org/show_bug.cgi?id=199181
BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1560782
Reported-by: Wen Xu <wen.xu@gatech.edu>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@vger.kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

fs/ext4/balloc.c[diff]
fs/ext4/ialloc.c[diff]

2 files changed

tree: 499224215d42896e7a44cac274c04f8abfc19d52